Question 1
A cloud service provider does not allow audits using automated tools as these tools could be considered destructive techniques for the cloud environment. Which of the following aspects of the audit will be constrained?
Question 2
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?
Question 3
Which data security control is the LEAST likely to be assigned to an IaaSprovider?
Question 4
The criteria for limiting services allowing non-critical services or services requiring high availability and resilience to be moved to the cloud is an important consideration to be included PRIMARILY in the:
Question 5
An organization is in the initial phases of cloud adoption. It is not very knowledgeable about cloud security and cloud shared responsibility models. Which of the following approaches is BEST suited for such an organization to evaluate its cloud security?